JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.
CASE .NET M7 Exam Prep
Secure Coding Practices for for Session Management
Sign in to Google
to save your progress.
Learn more
* Indicates required question
Email
*
Your email
Name
*
Your answer
Which of the following are Common Threats to Session Management?
*
1 point
Session Hijacking Attack
Session Fixation Attack
Session Prediction Attack
All of the above
None of the above
Required
When should the EnableViewState property be set to false?
*
1 point
When the ViewState Information of the control need to be sent to the browser.
When the ViewState information of the control need to be sent to the server.
When the ViewState information of the control do not need to maintain state with the browser.
When the ViewState information of the control do not need to maintain state with the server.
Session object uses the <sessionState> section in the application's Web.config file to configure session state.
*
1 point
True
False
Which of the following is not a mode provided in
ASP.NET
to maintain session state on the web server?
*
1 point
In Process Mode
Out-of-Process Session Mode
In-Memory Session Mode
SQL-backed Session State
Which of the following is an advantage of maintaining server-side session state using profile properties?
*
1 point
It is faster than the session object as it stores data in a data store.
It's the default, hence no addition configuration is required.
It persist the data until the server and worker-process restarts.
It can be used with any computer and process configurations.
The following code is secure because the URL is used to transfer session tokens, which are less vulnerable to attack.
*
1 point
True
False
The httpOnlyCookie attribute should be set to true in the Web.config file to prevent cross-site forgery attack.
*
1 point
True
False
Which of the following setting for enableViewStateMac is more secure?
*
1 point
A: "false"
B: "true"
Where is the recommended storage to store antiforgery token?
*
1 point
In the Non-Volatile storage on the server.
In local storage on the client.
In the SQL Server.
In the cookie on the client's browser.
Which of the following are recommended for secure session management?
*
1 point
Always store the session data on the server side.
Use short session timeout intervals.
Do not mix session tokens and authentication tokens.
All of the above
Non of the above
Submit
Page 1 of 1
Clear form
Never submit passwords through Google Forms.
This content is neither created nor endorsed by Google.
Report Abuse
-
Terms of Service
-
Privacy Policy
Forms
